Commit Graph

9201 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 9b06602545
Merge pull request #4709 from thaJeztah/update_logentries_driver
docs/deprecated: mark logentries log-driver for removal
2023-12-13 10:11:20 +01:00
Sebastiaan van Stijn e81a666614
docs/deprecated: mark logentries log-driver for removal
The service has been discontinued on November 15, 2022:

> Dear Logentries user,
>
> We have identified you as the owner of, or collaborator of, a Logentries
> account.
>
> The Logentries service will be discontinued on November 15th, 2022. This
> means that your Logentries account access will be removed and all your
> log data will be permanently deleted on this date.
>
> Next Steps
> If you are interested in an alternative Rapid7 log management solution,
> InsightOps will be available for purchase through December 16th, 2022.
> Please note, there is no support to migrate your existing Logentries
> account to InsightOps.
>
> Thank you for being a valued user of Logentries.
>
> Thank you,
> Rapid7 Customer Success

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-13 10:04:40 +01:00
Sebastiaan van Stijn 9eb632dc7c
Merge pull request #4387 from thaJeztah/single_cli_option
cli/command: merge DockerCliOption and InitializeOpt types
2023-12-12 22:28:19 +01:00
Sebastiaan van Stijn 7b3a60fad3
Merge pull request #4704 from thaJeztah/bump_engine
vendor: github.com/docker/docker 92884c25b394 (v25.0.0-dev)
2023-12-12 17:19:23 +01:00
Sebastiaan van Stijn aec7ec7f61
vendor: github.com/docker/docker 92884c25b394 (v25.0.0-dev)
full diff: 4046ae5e2f...92884c25b3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:57:38 +01:00
Sebastiaan van Stijn 0a3a16d2b4
vendor: github.com/containerd/containerd v1.7.11
full diff: https://github.com/containerd/containerd/compare/v1.7.8...v1.7.11

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:39:14 +01:00
Sebastiaan van Stijn 54c103aff4
vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0
Upgrade to the latest OpenTelemetry libraries; this will unblock a lot of
downstream projects in the ecosystem to upgrade, as some of the parts here
were pre-1.0/unstable.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:39:08 +01:00
Sebastiaan van Stijn d49970590c
vendor: github.com/felixge/httpsnoop v1.0.4
full diff: https://github.com/felixge/httpsnoop/compare/v1.0.3...v1.0.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:22:47 +01:00
Sebastiaan van Stijn 7af509c7f1
cli/command: merge DockerCliOption and InitializeOpt types
The cli/command package defined two option-types with the same signature.

This patch creates a new type instead (CLIOption), and makes the existing
types an alias for this (deprecating their old names).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 15:01:36 +01:00
Sebastiaan van Stijn 7d92573852
Merge pull request #4599 from laurazard/plugin-signal-handling
cli-plugins: terminate plugin when CLI exits
2023-12-12 14:58:04 +01:00
Laura Brehm 1554ac3b5f
cli-plugins: terminate plugin when CLI exits
Previously, long lived CLI plugin processes weren't
properly handled
(see: https://github.com/docker/cli/issues/4402)
resulting in plugin processes being left behind
running, after the CLI process exits.

This commit changes the plugin handling code to open
an abstract unix socket before running the plugin and
passing it to the plugin process, and changes the
signal handling on the CLI side to close this socket
which tells the plugin that it should exit.

This implementation makes use of sockets instead of
simply setting PDEATHSIG on the plugin process
so that it will work on both BSDs, assorted UNIXes
and Windows.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-12-12 13:54:30 +00:00
Sebastiaan van Stijn ce6832a355
Merge pull request #4707 from thaJeztah/fix_overlay_typo
docs: fix typo in "network create" docs
2023-12-11 22:48:02 +01:00
Sebastiaan van Stijn 0a94d85cd6
docs: fix typo in "network create" docs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-11 22:33:52 +01:00
Sebastiaan van Stijn 4dd5c23d6e
Merge pull request #4663 from robmry/4648-clearer_ipv6_in_add-host
Permit '=' separator and '[ipv6]' in --add-host
2023-12-11 16:40:58 +01:00
Sebastiaan van Stijn 623d9b1f68
Merge pull request #4703 from thaJeztah/update_deprecations
docs/deprecated.md: add missing versions for  "-g / --graph" and devicemapper removal to table
2023-12-08 13:02:52 +01:00
Sebastiaan van Stijn 3f519b8241
docs/deprecated.md: add version for "-g" / "--graph" removal
commit 304c100ed2 updated the deprecation
status for these options, but forgot to update the status in the table.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-07 22:34:38 +01:00
Sebastiaan van Stijn 6dc92b6678
docs/deprecate.md: add version for devicemapper removal to table
commit 5d6612798a updated the deprecation
status for devicemapper to "removed", but forgot to update the status
in the table.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-07 22:30:28 +01:00
robmry a682b8e655 Permit '=' separator and '[ipv6]' in --add-host
Fixes #4648

Make it easier to specify IPv6 addresses in the '--add-host' option by
permitting 'host=ip' in addition to 'host:ip', and allowing square
brackets around the address.

For example:

    --add-host=my-hostname:127.0.0.1
    --add-host=my-hostname:::1
    --add-host=my-hostname=::1
    --add-host=my-hostname:[::1]

To avoid compatibility problems, the CLI will replace an '=' separator
with ':', and strip brackets, before sending the request to the API.

Signed-off-by: Rob Murray <rob.murray@docker.com>
2023-12-07 18:29:19 +00:00
Sebastiaan van Stijn af23916995
Merge pull request #4701 from docker/dependabot/github_actions/actions/setup-go-5
build(deps): bump actions/setup-go from 4 to 5
2023-12-07 17:42:18 +01:00
dependabot[bot] 626e64ccfd
build(deps): bump actions/setup-go from 4 to 5
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-07 08:17:34 +00:00
Sebastiaan van Stijn 73ef44fbdb
Merge pull request #4697 from thaJeztah/bump_engine
vendor: github.com/docker/docker 4046ae5e2fd4 (v25.0.0-dev)
2023-12-06 15:00:48 +01:00
Sebastiaan van Stijn 0cf7bff0be
vendor: github.com/docker/docker 4046ae5e2fd4 (v25.0.0-dev)
full diff: 029519a149...4046ae5e2f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-06 02:06:38 +01:00
Sebastiaan van Stijn cddd1869a8
Merge pull request #4694 from thaJeztah/update_golang_1.21.5
update to go1.21.5
2023-12-06 00:41:55 +01:00
Sebastiaan van Stijn c47141bde0
Merge pull request #4684 from dvdksn/fix-build-prune-cache-warn
prune: fix build cache prune warning
2023-12-06 00:18:19 +01:00
Sebastiaan van Stijn bdb45a9c2d
update to go1.21.5
go1.21.5 (released 2023-12-05) includes security fixes to the go command,
and the net/http and path/filepath packages, as well as bug fixes to the
compiler, the go command, the runtime, and the crypto/rand, net, os, and
syscall packages. See the Go 1.21.5 milestone on our issue tracker for
details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.5+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.5...go1.21.5

from the security mailing:

[security] Go 1.21.5 and Go 1.20.12 are released

Hello gophers,

We have just released Go versions 1.21.5 and 1.20.12, minor point releases.

These minor releases include 3 security fixes following the security policy:

- net/http: limit chunked data overhead

  A malicious HTTP sender can use chunk extensions to cause a receiver
  reading from a request or response body to read many more bytes from
  the network than are in the body.

  A malicious HTTP client can further exploit this to cause a server to
  automatically read a large amount of data (up to about 1GiB) when a
  handler fails to read the entire body of a request.

  Chunk extensions are a little-used HTTP feature which permit including
  additional metadata in a request or response body sent using the chunked
  encoding. The net/http chunked encoding reader discards this metadata.
  A sender can exploit this by inserting a large metadata segment with
  each byte transferred. The chunk reader now produces an error if the
  ratio of real body to encoded bytes grows too small.

  Thanks to Bartek Nowotarski for reporting this issue.

  This is CVE-2023-39326 and Go issue https://go.dev/issue/64433.

- cmd/go: go get may unexpectedly fallback to insecure git

  Using go get to fetch a module with the ".git" suffix may unexpectedly
  fallback to the insecure "git://" protocol if the module is unavailable
  via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE
  is not set for said module. This only affects users who are not using
  the module proxy and are fetching modules directly (i.e. GOPROXY=off).

  Thanks to David Leadbeater for reporting this issue.

  This is CVE-2023-45285 and Go issue https://go.dev/issue/63845.

- path/filepath: retain trailing \ when cleaning paths like \\?\c:\

  Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the
  volume name in Windows paths starting with \\?\, resulting in
  filepath.Clean(\\?\c:\) returning \\?\c: rather than \\?\c:\ (among
  other effects). The previous behavior has been restored.

  This is an update to CVE-2023-45283 and Go issue https://go.dev/issue/64028.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-05 23:53:29 +01:00
Sebastiaan van Stijn afc62d8d1c
update to go1.21.4
Reverts "update to go1.21.4" due to regressions / breaking changes."

This reverts commit 4cf1c50ad1.
This re-applies commit 6472dabe4c.

----

update to go1.21.4

go1.21.4 (released 2023-11-07) includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. See the Go 1.21.4 milestone on our issue tracker for details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.4+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.3...go1.21.4

from the security mailing:

[security] Go 1.21.4 and Go 1.20.11 are released

Hello gophers,

We have just released Go versions 1.21.4 and 1.20.11, minor point releases.

These minor releases include 2 security fixes following the security policy:

- path/filepath: recognize `\??\` as a Root Local Device path prefix.

  On Windows, a path beginning with `\??\` is a Root Local Device path equivalent
  to a path beginning with `\\?\`. Paths with a `\??\` prefix may be used to
  access arbitrary locations on the system. For example, the path `\??\c:\x`
  is equivalent to the more common path c:\x.

  The filepath package did not recognize paths with a `\??\` prefix as special.

  Clean could convert a rooted path such as `\a\..\??\b` into
  the root local device path `\??\b`. It will now convert this
  path into `.\??\b`.

  `IsAbs` did not report paths beginning with `\??\` as absolute.
  It now does so.

  VolumeName now reports the `\??\` prefix as a volume name.

  `Join(`\`, `??`, `b`)` could convert a seemingly innocent
  sequence of path elements into the root local device path
  `\??\b`. It will now convert this to `\.\??\b`.

  This is CVE-2023-45283 and https://go.dev/issue/63713.

- path/filepath: recognize device names with trailing spaces and superscripts

  The `IsLocal` function did not correctly detect reserved names in some cases:

  - reserved names followed by spaces, such as "COM1 ".
  - "COM" or "LPT" followed by a superscript 1, 2, or 3.

  `IsLocal` now correctly reports these names as non-local.

  This is CVE-2023-45284 and https://go.dev/issue/63713.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-05 23:52:56 +01:00
David Karlsson 8bbc97c867 prune: fix build cache prune warning
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-05 20:11:15 +01:00
Sebastiaan van Stijn 0acee94354
Merge pull request #4687 from TheRealGramdalf/dockerd-ref-patch
Fix typo in dockerd reference documentation
2023-12-03 14:50:41 +01:00
TheRealGramdalf e93ec2f6a6 Fix typo in dockerd reference documentation
Signed-off-by: Graeme Wiebe <graeme.wiebe@gmail.com>
2023-12-02 15:18:27 -08:00
Sebastiaan van Stijn ecf9bd3870
Merge pull request #4686 from thaJeztah/update_engine2
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
2023-12-01 16:45:05 +01:00
Sebastiaan van Stijn f807c9494b
Merge pull request #4690 from thaJeztah/bump_mux
vendor: github.com/gorilla/mux v1.8.1
2023-12-01 16:44:41 +01:00
Sebastiaan van Stijn 5a04708880
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
full diff: cfdca8dc1d...029519a149

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:32:47 +01:00
Sebastiaan van Stijn aa9fdb4dd0
vendor: github.com/gorilla/mux v1.8.1
full diff: https://github.com/gorilla/mux/compare/v1.8.0...v1.8.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:12:20 +01:00
Sebastiaan van Stijn 0c46ef0c3a
Merge pull request #4689 from perlun/patch-1
exec.md: remove misleading part
2023-12-01 14:52:22 +01:00
Per Lundberg a431b1dda6
exec.md: remove misleading part
"By default" implies that this is something which could be
disabled for an individual `docker exec` call. This doesn't seem
to be the case, so removing the "by default" part would make
these docs clearer to me.

Signed-off-by: Per Lundberg <per.lundberg@hibox.tv>
2023-12-01 15:32:41 +02:00
Sebastiaan van Stijn c1455b6751
Merge pull request #4683 from thaJeztah/remove_ce_ee
Readme: remove reference to "Docker EE"
2023-11-28 12:52:36 +01:00
Sebastiaan van Stijn 654ff3ae00
Merge pull request #4681 from thaJeztah/noraw
docs: remove "{% raw %}" / "{% endraw %}" Jekyl (liquid) leftovers
2023-11-28 10:25:31 +01:00
Sebastiaan van Stijn b62b5d48f2
Readme: remove reference to "Docker EE"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-28 10:23:11 +01:00
Sebastiaan van Stijn 48e889023f
Merge pull request #4679 from thaJeztah/fix_flag_typo
docs/man: fix -name flag with single hyphen
2023-11-27 22:12:05 +01:00
Sebastiaan van Stijn 354f62f0c5
docs: reference/commandlin/cli: remove redundant italic
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 22:05:49 +01:00
Sebastiaan van Stijn e2626200aa
docs: remove "{% raw %}" / "{% endraw %}" Jekyl (liquid) leftovers
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 22:05:39 +01:00
Sebastiaan van Stijn 174cbb588f
docs/man: fix -name flag with single hyphen
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 20:58:55 +01:00
Sebastiaan van Stijn 5aa3077c36
Merge pull request #4673 from thaJeztah/update_engine
vendor: github.com/docker/docker cfdca8dc1d4c (v25.0.0-dev)
2023-11-24 10:29:26 +01:00
Sebastiaan van Stijn 539537ddf5
vendor: github.com/docker/docker cfdca8dc1d4c (v25.0.0-dev)
also added nolint:staticcheck to spec.Networks refs

full diff: https://github.com/docker/docker/compare/v25.0.0-beta.1...cfdca8dc1d4c84ee235f395a011ca62315c957a7

Co-authored-by: Albin Kerouanton <albinker@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-24 09:50:12 +01:00
Sebastiaan van Stijn 6d820e817b
Merge pull request #4354 from thaJeztah/update_alpine_3.18
Dockerfile: update ALPINE_VERSION to 3.18
2023-11-23 23:51:30 +01:00
Sebastiaan van Stijn 0c0ef7f690
Merge pull request #4675 from thaJeztah/update_buildx
Dockerfile: update buildx to v0.12.0
2023-11-23 23:44:04 +01:00
Sebastiaan van Stijn 6a74a63ee2
Dockerfile: update ALPINE_VERSION to 3.18
This also moves `musl-dev` to the alpine-base stage, due to changes in
Alpine 3.18 causing gotestsum build to fail because stdlib.h was missing;

    #17 5.065 # runtime/cgo
    #17 5.065 In file included from _cgo_export.c:3:
    #17 5.065 /usr/include/fortify/stdlib.h:23:15: fatal error: stdlib.h: No such file or directory
    #17 5.065    23 | #include_next <stdlib.h>
    #17 5.065       |               ^~~~~~~~~~

alpine 3.17:

    / # find / | grep stdlib.h
    /usr/include/c++/12.2.1/tr1/stdlib.h
    /usr/include/c++/12.2.1/stdlib.h

alpine 3.18

    / # find / | grep stdlib.h
    /usr/lib/llvm16/lib/clang/16/include/__clang_hip_stdlib.h
    /usr/include/fortify/stdlib.h
    /usr/include/c++/12.2.1/tr1/stdlib.h
    /usr/include/c++/12.2.1/stdlib.h

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-23 23:37:48 +01:00
Sebastiaan van Stijn 49f7de7089
Merge pull request #4674 from thaJeztah/docs_bookworm
docs: update debian examples to use bookworm
2023-11-23 23:35:30 +01:00
Sebastiaan van Stijn 35c6e915d1
Dockerfile: update buildx to v0.12.0
Release notes: https://github.com/docker/buildx/releases/tag/v0.12.0

Full diff: https://github.com/docker/buildx/compare/v0.11.1...v0.12.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-23 23:32:14 +01:00
Sebastiaan van Stijn 6468c63c81
docs: update debian examples to use bookworm
"bullseye" is no longer the "latest" debian, so these
examples were now incorrect.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-23 23:21:07 +01:00